start.sh 4.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164
  1. #!/usr/bin/env bash
  2. DIR="$( cd "$( dirname "$0" )" && pwd )"
  3. CWD=$(pwd)
  4. cd "$DIR/.." || exit
  5. # Do not override PYTHONPATH if we are in a virtual env
  6. if [ "$VIRTUAL_ENV" = "" ]; then
  7. PYTHONPATH=$(readlink -f "$(pwd)")
  8. export PYTHONPATH
  9. echo "$PYTHONPATH"
  10. fi
  11. # Create servers which listen on HTTP at 808x and HTTPS at 848x.
  12. for port in 8080 8081 8082; do
  13. echo "Starting server on port $port... "
  14. https_port=$((port + 400))
  15. mkdir -p demo/$port
  16. pushd demo/$port || exit
  17. # Generate the configuration for the homeserver at localhost:848x, note that
  18. # the homeserver name needs to match the HTTPS listening port for federation
  19. # to properly work..
  20. python3 -m synapse.app.homeserver \
  21. --generate-config \
  22. --server-name "localhost:$https_port" \
  23. --config-path "$port.config" \
  24. --report-stats no
  25. if ! grep -F "Customisation made by demo/start.sh" -q "$port.config"; then
  26. # Generate TLS keys.
  27. openssl req -x509 -newkey rsa:4096 \
  28. -keyout "localhost:$port.tls.key" \
  29. -out "localhost:$port.tls.crt" \
  30. -days 365 -nodes -subj "/O=matrix"
  31. # Add customisations to the configuration.
  32. {
  33. printf '\n\n# Customisation made by demo/start.sh\n\n'
  34. echo "public_baseurl: http://localhost:$port/"
  35. echo 'enable_registration: true'
  36. echo 'enable_registration_without_verification: true'
  37. echo ''
  38. # Warning, this heredoc depends on the interaction of tabs and spaces.
  39. # Please don't accidentaly bork me with your fancy settings.
  40. listeners=$(cat <<-PORTLISTENERS
  41. # Configure server to listen on both $https_port and $port
  42. # This overides some of the default settings above
  43. listeners:
  44. - port: $https_port
  45. type: http
  46. tls: true
  47. resources:
  48. - names: [client, federation]
  49. - port: $port
  50. tls: false
  51. bind_addresses: ['::1', '127.0.0.1']
  52. type: http
  53. x_forwarded: true
  54. resources:
  55. - names: [client, federation]
  56. compress: false
  57. PORTLISTENERS
  58. )
  59. echo "${listeners}"
  60. # Disable TLS for the servers
  61. printf '\n\n# Disable TLS for the servers.'
  62. echo '# DO NOT USE IN PRODUCTION'
  63. echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true'
  64. echo 'federation_verify_certificates: false'
  65. # Set paths for the TLS certificates.
  66. echo "tls_certificate_path: \"$DIR/$port/localhost:$port.tls.crt\""
  67. echo "tls_private_key_path: \"$DIR/$port/localhost:$port.tls.key\""
  68. # Ignore keys from the trusted keys server
  69. echo '# Ignore keys from the trusted keys server'
  70. echo 'trusted_key_servers:'
  71. echo ' - server_name: "matrix.org"'
  72. echo ' accept_keys_insecurely: true'
  73. echo ''
  74. # Allow the servers to communicate over localhost.
  75. allow_list=$(cat <<-ALLOW_LIST
  76. # Allow the servers to communicate over localhost.
  77. ip_range_whitelist:
  78. - '127.0.0.1/8'
  79. - '::1/128'
  80. ALLOW_LIST
  81. )
  82. echo "${allow_list}"
  83. } >> "$port.config"
  84. fi
  85. # Check script parameters
  86. if [ $# -eq 1 ]; then
  87. if [ "$1" = "--no-rate-limit" ]; then
  88. # Disable any rate limiting
  89. ratelimiting=$(cat <<-RC
  90. rc_message:
  91. per_second: 1000
  92. burst_count: 1000
  93. rc_registration:
  94. per_second: 1000
  95. burst_count: 1000
  96. rc_login:
  97. address:
  98. per_second: 1000
  99. burst_count: 1000
  100. account:
  101. per_second: 1000
  102. burst_count: 1000
  103. failed_attempts:
  104. per_second: 1000
  105. burst_count: 1000
  106. rc_admin_redaction:
  107. per_second: 1000
  108. burst_count: 1000
  109. rc_joins:
  110. local:
  111. per_second: 1000
  112. burst_count: 1000
  113. remote:
  114. per_second: 1000
  115. burst_count: 1000
  116. rc_3pid_validation:
  117. per_second: 1000
  118. burst_count: 1000
  119. rc_invites:
  120. per_room:
  121. per_second: 1000
  122. burst_count: 1000
  123. per_user:
  124. per_second: 1000
  125. burst_count: 1000
  126. RC
  127. )
  128. echo "${ratelimiting}" >> "$port.config"
  129. fi
  130. fi
  131. # Always disable reporting of stats if the option is not there.
  132. if ! grep -F "report_stats" -q "$port.config" ; then
  133. echo "report_stats: false" >> "$port.config"
  134. fi
  135. # Run the homeserver in the background.
  136. python3 -m synapse.app.homeserver \
  137. --config-path "$port.config" \
  138. -D \
  139. popd || exit
  140. done
  141. cd "$CWD" || exit